[gull] Je surf pour vous - La newsletter IT de rififi-la-praline - 2024-04-25

Thu Apr 25 21:45:05 CEST 2024

Linus Torvalds on Security, AI, Open Source and Trust - The New Stack
https://thenewstack.io/linus-torvalds-on-security-ai-open-source-and-trust/

TS | Lions OS: secure – fast – adaptable
https://trustworthy.systems/publications/papers/Heiser_24:eo.abstract

seL4: The proof of functional correctness for the 64-bit Arm 
architecture (AArch64) is complete!
https://fosstodon.org/@sel4/112308076861244836

Apache NuttX Powers World's Smallest Lunar Robot in Japan's Historic 
Autonomous Lunar Exploration Mission | Developer World
https://developer.sony.com/posts/apache-nuttx-powers-worlds-smallest-lunar-robot-in-japans-historic-autonomous-lunar-exploration-mission

OpenBSD 7.5 locks down with improved disk encryption support • The Register
https://www.theregister.com/2024/04/12/openbsd_75_disk_encryption/

The first OpenWrt One WiFi 6 router board samples are ready, some will 
be auctioned at OpenWrt Summit on May 18-19 - CNX Software
https://www.cnx-software.com/2024/04/17/first-openwrt-one-router-board-samples-auction-openwrt-summit/

Low-Cost Pocket Router with 2x 1GbE + 2x 2.5GbE ports
https://linuxgizmos.com/low-cost-pocket-router-with-2x-1gbe-2x-2-5gbe-ports/

System76 Blog - April Tools: Hammering out new COSMIC Features
https://blog.system76.com/post/hammering-out-cosmic-features

SF exec defends 'brutal' trend: Lay off staff to free cash for AI
https://www.sfgate.com/tech/article/lay-off-workers-for-ai-investment-19408308.php

Internet data centers are fueling drive to old power source: Coal - 
Washington Post
https://www.washingtonpost.com/business/interactive/2024/data-centers-internet-power-source-coal/

Artificial intelligence is being used to create child abuse material, 
and police are worried about its spread - ABC News
https://www.abc.net.au/news/2024-04-18/artificial-intelligence-child-exploitation-material/103734216

The Illustrated Word2vec – Jay Alammar – Visualizing machine learning 
one concept at a time.
https://jalammar.github.io/illustrated-word2vec/

The invisible seafaring industry that keeps the internet afloat
https://www.theverge.com/c/24070570/internet-cables-undersea-deep-repair-ships

bakks/poptop
https://github.com/bakks/poptop

1buran/rHttp: REPL for HTTP
https://github.com/1buran/rHttp

Reddit - double slit in rust - https://i.redd.it/olz58oi2dnvc1.gif
https://www.reddit.com/media?url=https%3A%2F%2Fi.redd.it%2Folz58oi2dnvc1.gif

tRPC - End-to-end typesafe APIs made easy. | tRPC
https://trpc.io/

LINMOB.net - Weekly GNU-like Mobile Linux Update
https://linmob.net/weekly-update-14-2024/

Tell the U.S. Senate: STOP RISAA, the FISA Mass Surveillance Expansion | 
EFF Action Center
https://act.eff.org/action/tell-the-u-s-senate-stop-risaa-the-fisa-mass-surveillance-expansion

Senate passes reauthorization of key US surveillance program | AP News
https://apnews.com/article/fisa-donald-trump-surveillance-congress-johnson-81e991c9f82e77b2fe13f8a3e0e25349

I love programming but I hate the programming industry
https://www.deathbyabstraction.com/I-love-programming-but-I-hate-the-programming-industry

Pharmaceutical giant Bayer is getting rid of bosses and asking staff to 
‘self-organize’ to save $2.15 billion | Fortune Europe
https://fortune.com/europe/2024/04/11/pharmaceutical-giant-bayer-ceo-bill-anderson-rid-bosses-staff-self-organize-save-2-billion/

Der große Hack bei Volkswagen - China im Fokus - ZDFheute
https://www.zdf.de/nachrichten/wirtschaft/volkswagen-china-hacking-industriespionage-emobilitaet-100.html

Two Indonesians under investigation for alleged theft of Korean fighter 
aircraft technology
https://thereadable.co/two-indonesians-under-investigation-for-alleged-theft-of-korean-fighter-aircraft-technology/

oss-security - Re: The GNU C Library security advisories update for 
2024-04-17: fix out-of-bound writes when writing escape sequence
https://www.openwall.com/lists/oss-security/2024/04/18/4

xz-style Attacks Continue to Target Open-Source Maintainers | 
LinuxSecurity.com
https://linuxsecurity.com/news/security-trends/xz-style-attacks

The amazingly scary xz sshd backdoor - SANS Internet Storm Center
https://isc.sans.edu/diary/30802

Cisco Integrated Management Controller CLI Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ

Cisco fixes vulnerabilities in Integrated Management Controller | CSO Online
https://www.csoonline.com/article/2093447/cisco-fixes-vulnerabilities-in-integrated-management-controller.html

Palo Alto Networks zero-day exploited since March to backdoor firewalls
https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/

Java services hit hardest by third-party vulnerabilities, report says | 
InfoWorld
https://www.infoworld.com/article/3715264/java-services-hit-hardest-by-third-party-vulnerabilities-says-report.html

Tons of compromised NFS consumer devices | Hacker News
https://news.ycombinator.com/item?id=40064190

‘Disable iMessage ASAP’—‘High-Risk’ Alert Issued Over ‘Credible’ iPhone 
Dark Web Exploit
https://www.forbes.com/sites/digital-assets/2024/04/17/disable-imessages-asap-high-risk-alert-issued-over-credible-iphone-exploit/

Windows vulnerability reported by the NSA exploited to install Russian 
malware | Ars Technica
https://arstechnica.com/security/2024/04/kremlin-backed-hackers-exploit-critical-windows-vulnerability-reported-by-the-nsa/

Why Microsoft is a national security threat • The Register
https://www.theregister.com/2024/04/21/microsoft_national_security_risk/

Open Source Community Unites to Build CRA-Compliant Cybersecurity 
Processes - The Apache Software Foundation Blog
https://news.apache.org/foundation/entry/open-source-community-unites-to-build-cra-compliant-cybersecurity-processes

Former Microsoft developer says Windows 11's performance is "comically 
bad," even with monster PC : programming
https://old.reddit.com/r/programming/comments/1c8hl8k/former_microsoft_developer_says_windows_11s/

Tiny11 Builder trims Windows 11 fat with PowerShell script • The Register
https://www.theregister.com/2024/04/22/tiny11_builder_update/

Le domaine ".swiss" devient accessible aux particuliers - rts.ch - Suisse
https://www.rts.ch/info/suisse/2024/article/le-domaine-swiss-devient-accessible-aux-particuliers-28473838.html

Why we suck at estimating software projects | InfoWorld
https://www.infoworld.com/article/3715342/why-we-suck-at-estimating-software-projects.html

JEDEC Extends DDR5 Memory Specification to 8800 MT/s, Adds 
Anti-Rowhammer Features
https://www.anandtech.com/show/21363/jedec-extends-ddr5-specification-to-8800-mts-adds-anti-rowhammer-features

Qualcomm faces benchmark cheating allegations — Snapdragon X Elite/Plus 
benchmarks claimed to be fraudulent | Tom's Hardware
https://www.tomshardware.com/tech-industry/qualcomm-faces-benchmark-cheating-allegations-snapdragon-x-eliteplus-benchmarks-claimed-to-be-fraudulent

IT burnout crisis: Surprising number of tech experts worldwide feeling 
overwhelmed -
https://studyfinds.org/it-burnout-crisis-overwhelmed/

-- 
Philippe Strauss
https://straussengineering.ch/